Encrypting Values for the Variables Template

Integration Server 10.15 | Microservices Runtime Guide | Using Configuration Variables Templates with Microservices Runtime | Editing a Configuration Variables Template | Encrypting Values for the Variables Template

You may want your configuration variables template to use encrypted values for sensitive data such as passwords. Microservices Runtime provides a way to generate an encrypted value which can then be placed in the template.

For encryption, Microservices Runtime uses AES to encrypt the values for configuration variables, in particular AES/ECB/PKCS5Padding. When a Docker image is created for Microservices Runtime using the Docker script is_container.bat/sh, the script bundles a secret key with the image, allowing the encrypted values from one instance to be decrypted and reused in another.

Instead of encrypting values, you can use Kubernetes Secrets for confidential data such as passwords. For more information about Kubernetes Secrets, see Using a Kubernetes Secret with a Configuration Variables Template.

Note:
When you generate a configuration variables template, Microservices Runtime replaces any passwords and any secret global variables with ****** .

Software AG recommends that you encrypt all passwords and other sensitive data in your configuration variables templates.

To encrypt a value

1. Open the Microservices Runtime Administrator for the Microservices Runtime that you want to use to generate an encrypted value.

2. Go to Microservices > Configuration variables.

3. Click Generate Encrypted Configuration Variables.

4. In the Value field, enter the value that you want encrypted.

By default, Microservices Runtime Administrator masks any characters that you enter in the Value field. Click the Show Value check box if you want Microservices Runtime Administrator to display the characters in clear text.

5. Click Encrypt.

Microservices Runtime encrypts the value and displays the encrypted value in the Encrypted Value field.

6. Click Copy to copy the encrypted value to the clipboard.

7. Open the configuration variables template to which you want to add the encrypted value, locate the key for which you want to use the value, and then paste the copied value into the template.

8. Repeat steps 4 –7 for each value you want to encrypt.